Django, Wicket, â¦) â£Write reactive web applications quickly. â£... Once you understood ..... â£Integration with. â
Lucas Satabin
[email protected]
Reactive Web Programming with Lift th
July 7 2010
Reactive Web Programming with Lift
2
Lift Books
Available April 2011 Early preview: http://www.manning.com/perrett/
Free online version: http://groups.google.com/group/the-lift-book
Reactive Web Programming with Lift
3
Lift Tutorials
The lift maven archetypes!
http://www.infoq.com/presentations /lift-web-framework-scala-pollack Official website: http://www.liftweb.net/
“
Lift is the only new framework in the last four years to offer fresh and innovative approaches to web development. It's not just some incremental improvements over the status quo, it redefines the state of the art. If you are a web developer, you should learn Lift. Even if you don't wind up using it everyday, it will change the way you approach web applications. Michael Galpin, Developer, eBay
Reactive Web Programming with Lift
Lift What is Lift?
‣A framework for writing web applications in Scala ‣Solves elegantly many common problems encountered in web application development
‣Includes the best ideas from all other web frameworks! (Rails, Django, Wicket, …)
‣Write reactive web applications quickly ‣... Once you understood the concepts...
5
Reactive Web Programming with Lift
Architecture
6
Reactive Web Programming with Lift
Lift Configuration
‣Application configuration in a Boot class ‣Define the website structure ‣Define the />
index.html
Welcome! Welcome to Lift at !
17
Reactive Web Programming with Lift
18
The Snippet part HelloWorld.scala
package ctfda.firstApp.snippet import java.util.Date import scala.xml.NodeSeq import net.liftweb.util.Helpers._
class HelloWorld { def sayHello(html: NodeSeq): NodeSeq = bind("hello", html, "date" -> new Date().toString) }
Reactive Web Programming with Lift
And Voilà! $ mvn jetty:run … A lot of stuffs … [INFO] Starting scanner at interval of 5 seconds.
19
Reactive Web Programming with Lift
Adding New Pages
‣All accessible pages configured in the Boot class ‣The SiteMap describes the web application structure
20
Reactive Web Programming with Lift
Session Management Problems and Solution
Reactive Web Programming with Lift
Session Management A general (and ubiquitous) problem
‣Why do I need sessions? ‣HTTP is stateless → it makes everything difficult ‣Where should sessions be managed? ‣On the client side ‣On the server side ‣On both sides?
22
Reactive Web Programming with Lift
Sessions in Lift ‣Lift is a stateful framework! ‣LiftSession NOT build on top of HttpSession ‣Implemented with an actor managing the lifecycle of sessions ‣Two main classes: SessionVar and RequestVar ‣No direct reference to the session ‣Type-safe access to the at="content"> Welcome! Welcome to Lift at !
Please give your name
24
Reactive Web Programming with Lift
Session Variable Result
25
Reactive Web Programming with Lift
Persistence
Reactive Web Programming with Lift
The Mapper Component ‣Original persistence framework ‣Closely tied to JDBC ‣Based on two basic traits ‣Mapper → per-instance features ‣MetaMapper → global operations ‣Inheriting from these traits makes the entity persistent ‣Easy to use for > New comment
36
Reactive Web Programming with Lift
Comet
37
Reactive Web Programming with Lift
Comet: Principles ‣Programming technique ‣Allows a server to send messages to clients ‣Better than classical polling ‣Different approaches for implementation ‣Hidden IFrame ‣Long polling ‣Alternative: HTML5 server-sent DOM events
38
Reactive Web Programming with Lift
Comet in Lift ‣Different implementations ‣Sleeping threads Does not scale! ‣Non-Blocking IO ‣Jetty Continuations when running in Jetty ‣Future: Servlet 3.0 Suspended Requests ‣Actor driven development ‣CometActor does almost everything for you!
39
Reactive Web Programming with Lift
Comet in Lift: Ideas ‣A dispatcher actor object ‣Publish/Subscribe style ‣Comet actors register with this actor ‣A Comet actor ‣One instance per type per session ‣Update the client content
40
Reactive Web Programming with Lift
Comet Flow in Lift
‣Gets a Comet request ‣Checks the CometActors to see if there are any messages. ‣If no messages, request suspended, no response to client ‣When your Comet actor receives a message, response is calculated, request resumed
‣Response sent to client
41
Reactive Web Programming with Lift
Comet Comments case class AddComment(postId: Long, author: String, date: Date, content: String) object Blog { ... def comments(html: NodeSeq): NodeSeq = { ... bind("comment", html, AttrBindParam("cometName", S param "id" open_!, "name"), "newAuthor" -> text("Anonymous", a => author = a), "newContent" -> textarea("", t => content = t), "submit" -> ajaxSubmit("Post comment!", () => { Commenter ! AddComment(id, author, new Date, content) Noop })) } }
42
Reactive Web Programming with Lift
Commenter Actor object Commenter extends LiftActor with ListenerManager { var postId = 0L def createUpdate = postId override def lowPriority = { case AddComment(postId, author, date, content) => // save the comment ... // save the post id this.postId = postId updateListeners() } }
43
Reactive Web Programming with Lift
Comet Actor class Comments extends CometActor with CometListener { override def shouldUpdate = { case id: Long if id == name.map(_.toLong).open_! => true case _ => false } def registerWith = Commenter val postId = S.param("id").map(_.toLong).openOr(0L) var comments: List[Comment] = getComments private def getComments = Comment.findAll( By(Comment.post, postId), OrderBy(Comment.date, Descending)) override def lowPriority = { case id: Long => comments = getComments reRender(false) case _ => Log info "other message" } def render = bindComments }
44
Reactive Web Programming with Lift
Security
Reactive Web Programming with Lift
Authentication
‣Using the MegaProtoUser class ‣Allows use of Realms ‣For example Single Sign-On ‣Abstractions for Basic and Digest HTTP Authentication ‣Hierarchical role structure
46
Reactive Web Programming with Lift
XSS Attacks
‣Nonce generated each time a form is loaded ‣Avoid scripting ‣Resistant to the OWASP top 10 vulnerabilities including ‣XSS ‣XSRF ‣parameter tampering
47
Reactive Web Programming with Lift
Resources Access ‣Strong control over accessible resources ‣Only pages added to the SiteMap ‣WEB-INF and template-hidden directories never directly accessible
‣Use of container access control ‣Configuration in web.xml ‣Works on all Servlet containers
48
Reactive Web Programming with Lift
To be continued...
Reactive Web Programming with Lift
What Else? ‣Support for RESTful web services ‣A lot of helpers ‣JSON parser ‣Email ‣Checks ‣… ‣Integration with ‣OpenID ‣XMPP (Jabber) ‣Lucene ‣Facebook
50
Reactive Web Programming with Lift
And Even More
‣Widgets ‣Calendar ‣Table sorter ‣Tree view ‣… ‣Screens and Wizards
51
Reactive Web Programming with Lift
Thank you for your attention Any questions?